Tokens

Tokens are placeholder variables used in naming patterns. When you see {team} or {type} in a pattern definition, substitute the appropriate value from the tables below.

Organization Token

{org} — The organization prefix. Always the first octet.

Token	Organization
prv	Provisionr (default)
ocs	Our Collaborative Space
pqx	Piqued X
pai	Piqued AI
psl	Piqued Solutions
pst	Piqued Studios

In most contexts, you’ll use prv. The others appear in cross-tenant or legacy configurations.

Team / Department Token

{team} — The team or department that owns or operates the resource. Always the second octet.

Token	Department
exec	Executive
fin	Finance
hr	Human Resources
legal	Legal
biz	Business Operations
ops	Operations
plt	Platform Engineering
it	Information Technology
eng	Engineering
sec	Security
mktg	Marketing
sal	Sales
archive	Archive & Records
flt	Fleet (customer infrastructure)

Team Slugs

Within a department, teams get a {teamslug} — a kebab-case identifier, 3-16 characters.

Rules:

• Lowercase kebab: ^(?=.{3,16}$)[a-z][a-z0-9]*(?:-[a-z0-9]+)*$
• Unique per {org}+{team} combination
• Must not collide with any department code or reserved term

Examples: platform, apps, devex, sre, mlops, growth, content, events, fpna, privacy

Type Token

{type} — What kind of object this is. Always the third octet.

Token	What It Represents
people	People roster (dynamic membership, no privileges)
ident	Identity roster (non-people: service accounts, bots)
dept	Department group
team	Team group
role	Role / permission group
mail	Human-facing mail distribution or shared inbox
intake	Machine report ingestion and audit feeds
alerts	On-call alarms and urgent events
infra	Automation routers and fan-out
auto	Automation account (bot, job, integration)
admin	Shared admin account
cus	Customer umbrella group
prj	Project group
vendor	Vendor engagement group
partner	Partner engagement group
flt	Fleet resource (customer infrastructure)
doc	Document or artifact

System Token

{system} — The vendor or platform a resource applies to. Used in qualifiers.

Token	System
wks	Google Workspace
aws	Amazon Web Services
gl	GitLab
gh	GitHub
slack	Slack
zm	Zoom
op	1Password
tf	Terraform Cloud
cf	Cloudflare

Scope Token

{scope} — The product area or subsystem within a platform.

Token	Scope
sd	Shared Drive
groups	Google Groups
idc	Identity Center
org	Organization
vault	Vault / secret manager
channel	Slack channel
cloud	Cloud platform

Environment Token

{env} — The deployment environment.

Token	Environment
prd	Production
stg	Staging
dev	Development
sbx	Sandbox
qa	Quality Assurance

Audience Token

{audience} — The access channel or sensitivity level, commonly used for drives and mail.

Token	Audience
collab	External collaboration (sanitized, safe to share)
team	Internal working area (private to the team)
strict	Internal restricted (raw data, high-risk, chain-of-custody)

Permission Token

{perm} — The permission level granted by a role group.

Token	Level
admin	Full administrator
owner	Owner-level access
operator	Operational access
manager	Manager-level access
editor	Can edit content
maintainer	Can maintain/merge
developer	Developer-level access
read	Read-only
viewer	View-only
publisher	Can publish externally

Customer Tokens

Used for customer engagement identifiers. Frozen at registration — never change after creation.

Token	Purpose	Format
{cusslug}	Short canonical key for IDs/emails	3-6 chars, starts with letter: ^[a-z][a-z0-9]{2,5}$
{cusnameslug}	Readable kebab slug	e.g., slope-clinical
{prjslug}	Project identifier within a customer	3-12 chars, lowercase-kebab

Domain Tokens

Token	Purpose
{domain}	Tenant mailbox domain (defaults to primary)
{primary_domain}	Explicit primary mailbox domain

External Organization Tokens

Token	Purpose	Format
{extorg}	External partner/vendor org slug	3-12 chars, lowercase, hyphens ok
{function}	Partner lane	alliance, sales, prosrv, mktg, legal, ops, tech